
RFC 6750 v0.0.1


@coenttb coenttb released this 27 Jul 09:05
· 3 commits to main since this release

RFC 6750: OAuth 2.0 Authorization Framework: Bearer Token Usage v0.0.1

Initial release of the Swift implementation for RFC 6750 OAuth 2.0 Bearer Token Usage.

Features

  • Complete Bearer Token Implementation: Fully compliant with RFC 6750 specification
  • Three Transmission Methods:
    • Authorization header (recommended): Authorization: Bearer token
    • Form-encoded body parameter: access_token=token
    • URI query parameter: ?access_token=token (not recommended)
  • WWW-Authenticate Challenge Support: Handle server authentication challenges with realm, scope, and error parameters
  • Standard OAuth 2.0 Error Codes: invalid_request, invalid_token, insufficient_scope
  • Token Validation: ASCII character validation and proper format checking
  • Comprehensive Error Handling: Detailed error types with OAuth 2.0 compliance

API Overview

import RFC_6750

// Create Bearer token
let bearer = try RFC_6750.Bearer(token: "mF_9.B5f-4.1JqM")

// Authorization header method (recommended)
let authHeader = bearer.authorizationHeaderValue()
// Result: "Bearer mF_9.B5f-4.1JqM"

// Parse from Authorization header
let parsed = try RFC_6750.Bearer.parse(from: "Bearer mF_9.B5f-4.1JqM")

// Form parameter method
let formParam = bearer.formParameter()
// Result: ("access_token", "mF_9.B5f-4.1JqM")

// Handle WWW-Authenticate challenges
let challenge = RFC_6750.Bearer.Challenge(
    realm: "example.com",
    scope: "read write",
    error: .invalidToken,
    errorDescription: "Token has expired"
)
let challengeHeader = challenge.wwwAuthenticateHeaderValue()
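The RFC 6750 rules that the API above wraps, shown as an added Python illustration that is not part of this Swift package: the b64token syntax check applied when parsing the Authorization header, and the WWW-Authenticate challenge together with the HTTP status each error code maps to (invalid_request 400, invalid_token 401, insufficient_scope 403). The token store, realm and scope names are constructed for the example.

```python
import re
from typing import Optional, Tuple
# b64token syntax, RFC 6750 section 2.1:
#   b64token = 1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" ) *"="
B64TOKEN = re.compile(r"[A-Za-z0-9._~+/-]+=*")
# RFC 6750 section 3.1: error code -> HTTP status the resource server sends.
ERROR_STATUS = {"invalid_request": 400, "invalid_token": 401, "insufficient_scope": 403}
TOKENS = {"mF_9.B5f-4.1JqM": {"read"}}  # constructed token store (hypothetical)

def parse_bearer(authorization: str) -> Optional[str]:
    """Token from an Authorization value; None if not Bearer, ValueError if not b64token."""
    parts = authorization.strip().split(None, 1)
    if len(parts) != 2 or parts[0].lower() != "bearer":
        return None
    token = parts[1].strip()
    if not B64TOKEN.fullmatch(token):
        raise ValueError("token contains characters outside b64token")
    return token

def challenge(realm: str, error: Optional[str] = None, scope: Optional[str] = None,
              description: Optional[str] = None) -> Tuple[int, str]:
    """(HTTP status, WWW-Authenticate value); no error code means the bare 401 challenge."""
    params = [f'realm="{realm}"']
    if scope:
        params.append(f'scope="{scope}"')
    if error:
        params.append(f'error="{error}"')
    if error and description:
        if '"' in description or "\\" in description:  # keep the quoted-string well formed
            raise ValueError("error_description may not contain quotes or backslashes")
        params.append(f'error_description="{description}"')
    return (ERROR_STATUS[error] if error else 401), "Bearer " + ", ".join(params)

def authorize(header: Optional[str], required_scope: str,
              realm: str = "example.com") -> Tuple[int, Optional[str]]:
    """Resource-server decision for one request, following RFC 6750 section 3."""
    if header is None:
        return challenge(realm, scope=required_scope)
    try:
        token = parse_bearer(header)
    except ValueError as exc:
        return challenge(realm, "invalid_request", required_scope, str(exc))
    if token is None:  # another scheme: respond as if no token was presented
        return challenge(realm, scope=required_scope)
    scopes = TOKENS.get(token)
    if scopes is None:
        return challenge(realm, "invalid_token", required_scope, "unknown or expired token")
    if required_scope not in scopes:
        return challenge(realm, "insufficient_scope", required_scope)
    return 200, None
```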

Testing

  • ✅ 19 comprehensive tests covering all functionality
  • ✅ All three transmission methods tested
  • ✅ Challenge parsing and generation
  • ✅ Error condition validation
  • ✅ Edge cases (special characters, long tokens)
  • ✅ OAuth 2.0 error code compliance

Security Notes

⚠️ Important Security Considerations:

  • Always use HTTPS/TLS when transmitting Bearer tokens
  • URI query parameter method has security implications (the token ends up in URLs, and so in server logs, browser history and Referer headers); avoid it when possible
  • Implement short token lifetimes (recommended: 1 hour or less)
  • Validate token audience and scope restrictions

Requirements

  • Swift 5.7+
  • iOS 13.0+ / macOS 10.15+ / tvOS 13.0+ / watchOS 6.0+